Every healthcare clinic and hospital around the globe remains at risk of being attacked by cybercriminals. And remember, small does not mean safe!
Criminals sometimes target specific organisations, but many attacks are carried out by bots that continually and randomly attack millions of companies all over the world until they succeed. The organisation they succeed against could just as likely be you, a chip shop in Manchester or a school in Beijing.
The tantalizing target on healthcare’s back is attributable to outdated IT systems, fewer cybersecurity protocols and IT staff, valuable data, and the pressing need for medical practices and hospitals to pay ransoms quickly to regain data.
And 2021 stats from a US cyber company (Herjavec Group) make for stark reading.
Simply put, ransomware is a malicious attack against a network in which the criminals gain access to data and either steal it, threaten to delete it, or encrypt it. The criminals then demand a payment for the return of the data.
Imagine how this could affect a hospital: sensitive patient data, financial details for clients, and treatment plans and drug plans for patients could all be compromised or lost.
The reality is that ransomware is now viewed as a business model and many entities behind these attacks will present themselves as being on the same side as the victim.
So, in return for the payment, your organisation will often be supported through a process which will return the data that has been encrypted or stolen. It is worth noting that paying the ransom does not guarantee the return of the data and certainly does not guarantee that it won’t be sold on or published at some point in the future. Also, your network will still be infected, and you are more likely to be targeted again in the future.
The paying of the ransom has moral and ethical undertones that may not be immediately apparent when you are faced with such an attack.
Consider the fact that you may be financially supporting terrorists or criminals by paying the ransom.
Ransomware is always preceded by an attack on the network itself, commonly through a phishing e-mail or brute-force attack. These attacks are increasing in complexity and sophistication, meaning that defence against these dark arts needs continual review. But the key points for protection to remember are:
The impact of a successful attack against your website or network can be catastrophic and lead to website downtime, loss of data and permanent loss of reputation. But all is not lost.
Here at the centre, we would advise you to do things now
Whatever you decide to do, doing nothing is no longer an option. So come and join the centre as free members and let us help you protect your organisations from the ever-present threats out there in the cyberverse.